IN THE CLAIMS: 

Please amend the claims as set forth below: 

1-2 (Cancelled). 

3. (Currently Amended) A method comprising: 

defining a global address space identifying a plurality of internet protocol (IP) 
addresses that are reserved for use in one or more virtual network 
environments, wherein each virtual network environment includes one or 
more of the plurality of IP addresses; 

assigning a first IP address of the plurality of IP addresses to a first application; 

assigning a second IP address of the plurality of IP addresses to a second 
application; and 

if the first application is to be isolated from the second application, including the 
first IP address in a first virtual network environment and including the 
second IP address in a second virtual network environment different from 
the first virtual network environment , wherein the first virtual network 
environment is transparent to the first application, and wherein the second 
virtual network environment is transparent to the second application . 

4. (Previously Presented) The method as recited in claim 3 further comprising, if the first 
application is to be permitted to communicate with the second application, including the 
first IP address and the second IP address in a same virtual network environment. 

5. (Previously Presented) The method as recited in claim 3 wherein the first IP address is 
a virtual IP address. 



2 



6. (Previously Presented) The method as recited in claim 3 wherein the first IP address is 
a physical IP address of a computer on which the first application is executing. 

7. (Previously Presented) The method as recited in claim 3 wherein defining the global 
address space comprises specifying a global subnet and a global netmask that encompass 
the plurality of IP addresses. 

8. (Previously Presented) The method as recited in claim 7 wherein the plurality of IP 
addresses are virtual. 

9. (Previously Presented) The method as recited in claim 7 further comprising 
associating the global subnet and global netmask with the first application and the second 
application. 

10. (Previously Presented) The method as recited in claim 9 further comprising 
associating a first subnet and a first netmask with the first application, the first subnet and 
the first netmask defining the first virtual network environment. 

11. (Previously Presented) The method as recited in claim 10 wherein the global subnet, 
the global netmask, the first subnet, and the first netmask are parameters of a process 
state of the first application. 

12. (Previously Presented) The method as recited in claim 3 further comprising: 

the first application initiating a communication to a third IP address; and 

if the third IP address is not in the global address space, permitting the 
communication. 
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13. (Previously Presented) The method as recited in claim 12 further comprising, if the 
third IP address is in the global address space and also within a same virtual network 
environment as the first IP address, permitting the communication. 

14. (Previously Presented) The method as recited in claim 12 further comprising, if the 
third IP address is in the global address space and not within a same virtual network 
environment as the first IP address, preventing the communication. 

15. (Currently Amended) A computer readable medium storing a plurality of instructions 
which, when executed, implement a method comprising: 

defining a global address space identifying a plurality of internet protocol (IP) 
addresses that are reserved for use in one or more virtual network 
environments, wherein each virtual network environment includes one or 
more of the plurality of IP addresses; 

assigning a first IP address of the plurality of IP addresses to a first application; 

assigning a second IP address of the plurality of IP addresses to a second 
application; and 

if the first application is to be isolated from the second application, including the 
first IP address in a first virtual network environment and including the 
second IP address in a second virtual network environment different from 
the first virtual network environmen t, wherein the first virtual network 
environment is transparent to the first application, and wherein the second 
virtual network environment is transparent to the second application . 

16. (Previously Presented) The computer readable medium as recited in claim 15 
wherein the method further comprises, if the first application is to be permitted to 
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communicate with the second application, including the first IP address and the second IP 
address in a same virtual network environment. 

17. (Previously Presented) The computer readable medium as recited in claim 15 
wherein the first IP address is a virtual DP address. 

18. (Previously Presented) The computer readable medium as recited in claim 15 
wherein the first IP address is a physical IP address of a computer on which the first 
application is executing. 

19. (Previously Presented) The computer readable medium as recited in claim 15 
wherein defining the global address space comprises specifying a global subnet and a 
global netmask that encompass the plurality of IP addresses. 

20. (Previously Presented) The computer readable medium as recited in claim 19 
wherein the plurality of IP addresses are virtual. 

21. (Previously Presented) The computer readable medium as recited in claim 19 
wherein the method further comprises associating the global subnet and global netmask 
with the first application and the second application. 

22. (Previously Presented) The computer readable medium as recited in claim 21 
wherein the method further comprises associating a first subnet and a first netmask with 
the first application, the first subnet and the first netmask defining the first virtual 
network environment. 

23. (Previously Presented) The computer readable medium as recited in claim 22 
wherein the global subnet, the global netmask, the first subnet, and the first netmask are 
parameters of a process state of the first application. 
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24. (Previously Presented) The computer readable medium as recited in claim 15 
wherein the method further comprises: 

in response to the first application initiating a communication to a third IP 
address; and 

if the third IP address is not in the global address space, permitting the 
communication. 

25. (Previously Presented) The computer readable medium as recited in claim 24 
wherein the method further comprises, if the third IP address is in the global address 
space and also within a same virtual network environment as the first IP address, 
permitting the communication. 

26. (Previously Presented) The computer readable medium as recited in claim 24 
wherein the method further comprises, if the third IP address is in the global address 
space and not within a same virtual network environment as the first IP address, 
preventing the communication. 

27. (Currently Amended) A system comprising a plurality of computers coupled in a 
network, wherein at least one of the computers comprises a computer readable medium 
storing a plurality of instructions which, when executed, implement a method 
comprising: 

defining a global address space identifying a plurality of internet protocol (IP) 
addresses that are reserved for use in one or more virtual network 
environments, wherein each virtual network environment includes one or 
more of the plurality of IP addresses; 

assigning a first IP address of the plurality of IP addresses to a first application; 
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assigning a second IP address of the plurality of IP addresses to a second 
application; and 

if the first application is to be isolated from the second application, including the 
first IP address in a first virtual network environment and including the 
second IP address in a second virtual network environment different from 
the first virtual network environment , wherein the first virtual network 
environment is transparent to the first application, and wherein the second 
virtual network environment is transparent to the second application . 

28. (Previously Presented) The system as recited in claim 27 wherein the method further 
comprises, if the first application is to be permitted to communicate with the second 
application, including the first IP address and the second EP address in a same virtual 
network environment. 

29. (Previously Presented) The system as recited in claim 27 wherein the first EP address 
is a virtual IP address. 

30. (Previously Presented) The system as recited in claim 27 wherein the first IP address 
is a physical IP address of one of the plurality of computers on which the first application 
is executing. 

31. (Previously Presented) The system as recited in claim 27 wherein defining the global 
address space comprises specifying a global subnet and a global netmask that encompass 
the plurality of IP addresses. 

32. (Previously Presented) The system as recited in claim 31 wherein the plurality of IP 
addresses are virtual. 
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33. (Previously Presented) The system as recited in claim 31 wherein the method further 
comprises associating the global subnet and global netmask with the first application and 
the second application. 

34. (Previously Presented) The system as recited in claim 33 wherein the method further 
comprises associating a first subnet and a first netmask with the first application, the first 
subnet and the first netmask defining the first virtual network environment. 

35. (Previously Presented) The system as recited in claim 34 wherein the global subnet, 
the global netmask, the first subnet, and the first netmask are parameters of a process 
state of the first application. 

36. (Previously Presented) The system as recited in claim 27 wherein the method further 
comprises: 

in response to the first application initiating a communication to a third IP 
address; and 

if the third IP address is not in the global address space, permitting the 
communication. 

37. (Previously Presented) The system as recited in claim 36 wherein the method further 
comprises, if the third IP address is in the global address space and also within a same 
virtual network environment as the first IP address, permitting the communication. 

38. (Previously Presented) The system as recited in claim 36 wherein the method further 
comprises, if the third IP address is in the global address space and not within a same 
virtual network environment as the first IP address, preventing the communication. 
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